Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

Qilin ransomware group conducted a sophisticated supply chain attack targeting South Korea's financial sector through a Managed Service Provider (MSP) breach. The attack resulted in 28 victims in what's being called the 'Korean Leaks' data heist. The operation combined Qilin's Ransomware-as-a-Service (RaaS) capabilities with potential involvement from North Korean state-affiliated actors, specifically Moonstone Sleet. The attack leveraged the MSP infrastructure to reach multiple downstream clients, demonstrating the amplified impact of supply chain compromises in the financial sector.